Vulnerabilities > Parallels > Parallels Plesk Panel > 11.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-04-18 | CVE-2013-0133 | Unspecified vulnerability in Parallels Plesk Panel 11.0.9 Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable. | 7.2 |
| 2013-04-18 | CVE-2013-0132 | Code Injection vulnerability in Parallels Plesk Panel 11.0.9 The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables. | 6.8 |